[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-186-g037be
|
From: |
Mats Erik Andersson |
|
Subject: |
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-186-g037be5b |
|
Date: |
Thu, 11 Oct 2012 00:23:14 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".
The branch, master has been updated
via 037be5ba9e0ff931ffddbba117939094126ca443 (commit)
from e4ac90ae657b406b66ba25e68198b96764c322dc (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=037be5ba9e0ff931ffddbba117939094126ca443
commit 037be5ba9e0ff931ffddbba117939094126ca443
Author: Mats Erik Andersson <address@hidden>
Date: Thu Oct 11 02:14:13 2012 +0200
telnetd: Resolve mixed up host names.
diff --git a/ChangeLog b/ChangeLog
index c2474df..6f34b80 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,26 @@
+2012-10-11 Mats Erik Andersson <address@hidden>
+
+ telnetd: Set local name correctly for libshishi.
+ Improve selectivity of intended server host key.
+
+ * libtelnet/shishi.h (krb5shishi_is_auth): Replace call
+ to shishi_hostkeys_for_server(), with a variant where
+ default realm is made explicit with shishi_realm_default().
+
+ * telnetd/telnetd.c (telnetd_setup)
+ [AUTHENTICATION || ENCRYPTION]: Exchange places of
+ `local_hostname' and `remote_hostname' in call to
+ auth_encrypt_init().
+
+ rlogind: Enable Kerberised daemon mode listener.
+
+ * src/rlogind.c (DEFPORT_KLOGIN, DEFPORT_EKLOGIN): New macros.
+ (rlogin_daemon): New variable SERVICE. Use service port
+ `login', `klogin', or `eklogin' according to set options.
+
+ * src/rlogin.c (main) <rcmd failure>: Print a NL, finishing
+ an unfinished error massage emitted by Glibc.
+
2012-10-08 Mats Erik Andersson <address@hidden>
rlogind: Support libwrap in daemon mode.
diff --git a/libtelnet/shishi.c b/libtelnet/shishi.c
index 32a59e6..9edd4e5 100644
--- a/libtelnet/shishi.c
+++ b/libtelnet/shishi.c
@@ -501,7 +501,9 @@ krb5shishi_is_auth (TN_Authenticator * a, unsigned char
*data, int cnt,
key = shishi_hostkeys_for_serverrealm (shishi_handle,
server, realm);
else
- key = shishi_hostkeys_for_server (shishi_handle, server);
+ /* Enforce a search with the known default realm. */
+ key = shishi_hostkeys_for_serverrealm (shishi_handle,
+ server, shishi_realm_default (shishi_handle));
free (server);
}
diff --git a/src/rlogin.c b/src/rlogin.c
index 569245e..9a7c483 100644
--- a/src/rlogin.c
+++ b/src/rlogin.c
@@ -617,7 +617,10 @@ try_connect:
#endif /* KERBEROS */
if (rem < 0)
- exit (EXIT_FAILURE);
+ {
+ puts (""); /* Glibc does not close all error strings in rcmd(). */
+ exit (EXIT_FAILURE);
+ }
{
int one = 1;
diff --git a/src/rlogind.c b/src/rlogind.c
index 9663be6..7e8b113 100644
--- a/src/rlogind.c
+++ b/src/rlogind.c
@@ -141,6 +141,12 @@
#ifndef DEFPORT
# define DEFPORT 513
#endif
+#ifndef DEFPORT_KLOGIN
+# define DEFPORT_KLOGIN 543
+#endif
+#ifndef DEFPORT_EKLOGIN
+# define DEFPORT_EKLOGIN 2105
+#endif
#ifdef HAVE___CHECK_RHOSTS_FILE
extern int __check_rhosts_file;
@@ -391,12 +397,12 @@ static struct argp_option options[] = {
#if defined KERBEROS || defined SHISHI
# define GRP 20
{ "kerberos", 'k', NULL, 0,
- "use kerberos IV/V authentication", GRP },
+ "use Kerberos V authentication", GRP },
{ "server-principal", 'S', "NAME", 0,
"set Kerberos server name, overriding canonical hostname", GRP },
# if defined ENCRYPTION
{ "encrypt", 'x', NULL, 0,
- "use DES encryption", GRP },
+ "use encryption", GRP },
# endif
# undef GRP
#endif
@@ -647,13 +653,28 @@ rlogin_daemon (int maxchildren, int port)
if (port == 0)
{
+ char *service;
struct servent *svp;
- svp = getservbyname ("login", "tcp");
+ if (kerberos && encrypt_io)
+ {
+ service = "eklogin";
+ port = DEFPORT_EKLOGIN;
+ }
+ else if (kerberos)
+ {
+ service = "klogin";
+ port = DEFPORT_KLOGIN;
+ }
+ else
+ {
+ service = "login";
+ port = DEFPORT;
+ }
+
+ svp = getservbyname (service, "tcp");
if (svp != NULL)
port = ntohs (svp->s_port);
- else
- port = DEFPORT;
}
/* Become a daemon. Take care to close inherited fds and reserve
diff --git a/telnetd/telnetd.c b/telnetd/telnetd.c
index c376197..82243c5 100644
--- a/telnetd/telnetd.c
+++ b/telnetd/telnetd.c
@@ -466,7 +466,7 @@ telnetd_setup (int fd)
local_hostname = localhost ();
#if defined AUTHENTICATION || defined ENCRYPTION
- auth_encrypt_init (remote_hostname, local_hostname, principal,
+ auth_encrypt_init (local_hostname, remote_hostname, principal,
"TELNETD", 1);
#endif
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 23 +++++++++++++++++++++++
libtelnet/shishi.c | 4 +++-
src/rlogin.c | 5 ++++-
src/rlogind.c | 31 ++++++++++++++++++++++++++-----
telnetd/telnetd.c | 2 +-
5 files changed, 57 insertions(+), 8 deletions(-)
hooks/post-receive
--
GNU Inetutils
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-186-g037be5b,
Mats Erik Andersson <=